Resetting SSH access after “Too many authentication failures for …” on Google Cloud Compute Engine

Locked yourself out of SSH/SFTP access on Google Cloud Compute Engine? Does the below look familiar… Fun times…

Status: Connecting to domain.com...
Status: Connecting to domain.com...
Response: fzSftp started, protocol_version=8
Command: open "...@domain.com" 22
Error: Server sent disconnect message
Error: type 2 (protocol error):
Error: "Too many authentication failures for ... from 125.18.17.115 port 7145 ssh2"
Error: Could not connect to server

Here’s how to increase the number of allowed login attempts within sshd_config and then restart the sshd service so you can get back to work. πŸ™‚

  1. Open up Google Cloud Console
  2. From the Menu button open Compute Engine > VM Instances
  3. Beside your Compute Engine instance hit the SSH button within the Connect column
  4. When your terminal connection is established enter the following:
    sudo nano /etc/ssh/sshd_config
  5. By default the sshd_config file does not have a MaxAuthTries entry but scroll through the file using the up/down keys and check just incase…
  6. I set the maximum number of login attempts to 10, change this number to suit your security needs. Add the following lines anywhere within the sshd_config file:
    # Max login attempts
    MaxAuthTries 10
  7. Save and close the file by using the following keyboard combinations:
    CTRL+O followed by the enter key to save the file changes
    CTRL+X to close the Nano file editor
  8. Reboot the sshd service using the following commands (I’m not sure which one works so let’s do all of them…)
    sudo service sshd restart
    sudo systemctl restart sshd
  9. Try and reconnect to your Compute Engine instance using Putty (SSH) or Filezilla (SFTP)

That’s it πŸ™‚

Published by

Michael Visser

I'm a WordPress Plugin developer, UAV & Raspberry Pi enthusiast and general tinkerer. This visser.io domain serves as my development playground for non-WordPress Plugin projects.

Leave a Reply

Your email address will not be published. Required fields are marked *